A blog to share security, networking and cloud related technology information as @vCloudernBeer picked up on his search for his destiny in the cloud. (LinkedIn: https://www.linkedin.com/in/chowanthony)

Sunday, November 2, 2014

OpenStack Series: Part 2 – What’s new in the Juno Release

OpenStack Juno, the tenth release of the open source
software for building public, private, and hybrid clouds. According to Solinea the Juno release has 3 main theme:

Enterprise Maturity

Foundation for NFV Support

Data Processing Capability

Storage Policies of Object Storage
Under the umbrella of the "Enterprise Maturity" is the storage policy for Swift that is worth mentioning. Storage policy has been in place for Cinder but not until this Juno release that it is also available for object storage. Back in 2013 VMware has the storage profile feature. In fact policy is an hot yet in an infant stage within OpenStack. There is a new project call Congress that makes "Policy as a Service" to provide a common interface to define policy or policies for the various services in OpenStack such as Nova, Neutron and of course the storage services (Cinder, Swift and Glance).

Network Function Virtualization NFV (Network Function Virtualization) is an hot topic these days. It is to move the Layer 4 to Layer 7 network function such as firewall, IPS/IDS or load balancing from the traditional hardware platform into virtual machines. This will make the provisioning of these network function faster as well as easier to automate thus meeting the demands of the other core components of a cloud or virtualized infrastructure. VMware NSX has a notion of micro-segmentation where distributing the firewall function onto the individual hypervisor. This helps to mitigate localize security risk closest to the virtual machine.

Distributed Virtual Router
Another big feature in the Neutron is the DVR (Distributed Virtual Router). While SDN (Software Defined Networking) is favoring a centralized controller, the network functions even for a Layer 3 router is moving to a distributed mode.

New Project
Only one project is moved from incubated to integrated status in the Juno release. It is the Sahara project - "Data Processing as a Service". Currently it support Hadoop and Spark where I think the support for Hadoop in the Sahara project is more mature.

Enhancementsto the Incubated Projects
For the incubated projects there are more feature enhancements in TripleO and Marconi as well as better QA for Tempest and Grenade. Rich Bowen (@rbowen) has an good article on these changes.

Enhancements to Integrated Projects
Below is extracted from the OpenStack Juno release announcement. It listed the changes to all the integrated projects. I have made the description in note format for easier reading:

Compute
(Nova)

A Network Functions Virtualization (NFV)
cross-project development team formed at the May Summit, and features began to
land in the Juno cycle starting with the Compute project.

Many operational updates were also made this
cycle including improvements for rescue mode that users requested as well as
allowing per-network setting on nova-network code.

Key drivers were added such as bare metal as a
service (Ironic) and Docker support through StackForge.

Additional improvements were made to support
scheduling and live upgrades.

Block
Storage (Cinder)

Block Storage added ten new storage backends
this release and

Improved testing on third-party storage systems.

Cinder v2 API integration into Nova was also
completed this cycle.

The block storage project continues to mature
each cycle building out core functionality with a consistent contributor base.

Dashboard
(Horizon)

Dashboard rolled out the ability to deploy
Apache Hadoop clusters in seconds, giving users the ability to rapidly scale
data sets based on a set of custom parameters.

Additional improvements include extending the
RBAC system to support OpenStack projects Compute, Networking, and
Orchestration

Orchestration
(Heat)

In Juno, it is easier to roll back a failed
deployment and ensure thorough cleanup.

Federated authentication improvements allow
users to access private and public OpenStack clouds with the same credentials.

Keystone can be configured to use multiple
identity backends, and integration with LDAP is much easier.

Telemetry
(Ceilometer)

Telemetry reported increases in performance this
cycle as well as efficiency improvements including metering of some types of
networking services such as load balancers, firewalls and VPNs as a service.

Image
Service (Glance)

The Image Service introduced artifacts as a
broader definition for images during Juno.

Other key new features included asynchronous
processing, a Metadata Definitions Catalog and restricted policies for
downloading images.